Application & systems design, deployment, provisioning and tooling for cloud services at Anki. Presented at the AdvancedAWS meetup on Jan 21, 2014 at Anki HQ.
Services, analytics and infrastructure ● Provides web & analytics services for Anki ● Example services: ○ Gameplay diagnostics ○ Game replays ○ Customer service platform ○ Future Anki DRIVE enhancements
● Application processes are stateless ● Loose coupling among services ● Configuration is in the environment ● Built for continuous deployment Application design
Systems design ● n+2 redundancy ● Compute resources are ephemeral ● Managed services preferred ● Infrastructure as code ● Single purpose VPCs ● Contract between backing resources and applications
Goal: Continuous deployment Source Repo commit GitHub Web Hook Deploy Worker Old Release Remains Running Integration Tests Deploy to Integration Deploy to Production Integration tests pass SQS New Release Live Integration tests fail Notify Check for commits Commit found DNS Change
Deployment and Provisioning ● New code, new instances ● Instance store-backed AMIs built with Packer ● AMIs ship with base Docker containers ● Instances provisioned with Ansible
● Base container, service container, release container ● Local dev == Production ● Exceptional community ● Challenges ○ Rapidly changing ○ Logging ○ Debugging
● IAM roles and policies created via CloudFormation ● Intra-VPC traffic authorized by SG ID ● Precise subnetting allows for future network ACLs ● … some credentials still laying around in plain text On security
bwhaley
pospome
joker1007
smt7174
knsg16
mtx2s
codenote
optimisuke
coconala_engineer
cybozuinsideout
i35_267
bun913
bengo4com
wjessup
philnash
phodgson
thoeni
smashingmag
3n
jlugia
panda_program
shpigford
zenorocha
mraible
reverentgeek